Back to plugin

Security audit

InsightClaw Plugin

Security checks across malware telemetry and agentic risk

Overview

InsightClaw appears to be a real observability plugin, but its privacy controls are ambiguous because some prompt and hook data can be captured outside the main content-capture toggle.

Review this carefully before installing in environments with private prompts, tool outputs, customer data, or secrets. Use only trusted OTLP endpoints, avoid the NODE_OPTIONS preload unless full LLM content tracing is acceptable, and assume action-hook events may appear in local logs even when captureContent is disabled.

VirusTotal

65/65 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.